class UserController < ApplicationController
  
  # TODO Add user registration
  # TODO Add account management (change password and whatnot)
  
  before_filter :login_required, :only => :my_account
  
  def login
    if session[:id]
      flash[:error] = 'You are already logged in!'
      redirect_to :action => "my_account"
    else
      @page_title = "Login"
      @user = User.new
      @user.username = params[:username]
    end
  end

  def process_login
    if user = User.authenticate(params[:user])
      session[:id] = user.id
      flash[:message] = 'Logged in!'
      redirect_to :action => "my_account"
    else
      flash[:error] = 'Invalid login.'
      redirect_to :action => "login", :username => params[:user][:username]
    end
  end

  def logout
    reset_session
    flash[:message] = 'Logged out.'
    redirect_to :action => "login"
  end

  def my_account
    @page_title = "My Account"
  end
end
